MoonShine - Optimizing OS Fuzzer Seed Selection with Trace Distillation

Explore an innovative approach to optimizing OS fuzzer seed selection through trace distillation in this USENIX Security '18 conference talk. Dive into the challenges of generating effective seed system call sequences for OS fuzzing and learn how MoonShine, a novel strategy, addresses these issues. Discover how MoonShine leverages light-weight static analysis to efficiently detect dependencies across system calls, distilling millions of system calls from real-world programs into a compact, diverse set of seeds. Examine the implementation of MoonShine as an extension to Syzkaller, a state-of-the-art evolutionary fuzzer for the Linux kernel, and analyze its impressive results in improving code coverage and uncovering new vulnerabilities. Gain insights into the comparison between trace distillation and user-level seed selection, the challenges of distillation, and the techniques for tracking implicit dependencies. Evaluate the effectiveness of this approach through detailed setup and performance metrics, concluding with a discussion on the significant improvements in coverage achieved by MoonShine.

Intro
OS Fuzzing - Overview
Synthetic Program Generation
Trace Distillation vs. User-Level Seed Selection
Distillation Challenges
Tracking Implicit Dependencies
Implementation
Evaluation - Setup
Effectiveness of Distillation
Conclusion
Coverage Improvement